Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Again: zone transfers, a spammer's dream?
From: xyberpix <xyberpix () xyberpix com>
Date: Thu, 30 Dec 2004 09:33:32 +0000

Hey Ralf,

You beat me to it, after Lode's post, I was gradually going through them
all, but time was not on my side, and well, I only managed to get to
MIL, but I can confirm that from AC-MIL are not false positives, as I
have the same one's.
As for what to think about this, well, it is rather worrying, and should
be stopped, but what would be a good way to go about getting this sorted
out?
Wonder if it would be worthwhile filing something on bugtraq to get it
out there, yeah I know that things on there aren't usually this big, but
it may force the admins to do something about it?
If you want to discuss this further off the list feel free to mail me
direct.

xyberpix

On Wed, 2004-12-29 at 17:32 +0100, Ralf Glauberman wrote:
Hello all,
after Lode Vermeiren having published on the 7th of December that many
tlds are transferable I did further research on this. Much to my
surprise this wasn't just a problem of little states. i did a complete
scan on all tlds (http://data.iana.org/TLD/tlds-alpha-by-domain.txt)
including every soa and ns server. i got results from 141 out of the
258 checked tlds. i din't check every single output, but there are not
more than 10 false-positives within these. while the ca zone is secure
now, i was really surprised that be (~ 42 MB, ~ 900.000 records) and
fi (~ 11 MB, ~ 235.000 records) are transferable.
all in all, i found that the following tlds are transferable (also
there might be some false-positives):
AC
AD
AG
AL
AN
AO
AR
ARPA
BA
BD
BE
BF
BG
BI
BJ
BM
BN
BO
BS
BT
BV
BW
CF
CI
CK
CM
CU
CV
CY
DJ
DZ
EC
EE
EG
ER
ES
ET
FI
FJ
FK
FM
GA
GB
GD
GE
GH
GL
GN
GP
GQ
GS
GT
GU
GW
GY
HN
IL
IN
INT
IO
JM
JO
KE
KG
KH
KI
KM
KN
KR
KY
KZ
LB
LC
LK
LR
LY
MA
MC
MD
MG
MH
MIL
MM
MN
MR
MS
MT
MUSEUM
MW
MX
MY
MZ
NA
NC
NE
NG
NI
NP
OM
PE
PG
PK
PY
SG
SH
SJ
SK
SM
SN
SO
SR
ST
SU
SV
SZ
TC
TD
TH
TJ
TM
TN
TO
TP
TR
TT
TZ
UA
UG
UK
UM
UY
VA
VC
VE
VG
VI
VU
YE
YU
ZA
ZW

so, here comes the old question: What do you think about this?

Best regards,
Ralf Glauberman
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
-- 
For Security and Open Source news and tips visit:

http://www.xyberpix.com

Attachment: signature.asc
Description: This is a digitally signed message part

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault